Issue No.01 - Jan.-Feb. (2013 vol.11)
Alexander Kott , US Army Research Laboratory
Curtis Arnold , US Army Research Laboratory
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2013.19
Continuous monitoring and risk scoring is a comprehensive process of maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. Two of the most salient aspects of CMRS are continuous data collection through automated feeds and analysis of that data to assess and score risks. CMRS attracts growing interest due to its potential to be far more agile, responsive, and perhaps less expensive than such alternatives as periodic reporting and certification. While the potential benefits could be great, so are the challenges of implementing a successful CMRS system.
Risk assessment, Network security, Computer security, Software performance, Monitoring, CMRS, cybersecurity, continuous monitoring, risk scoring, vulnerability assessment, network defense
Alexander Kott, Curtis Arnold, "The Promises and Challenges of Continuous Monitoring and Risk Scoring", IEEE Security & Privacy, vol.11, no. 1, pp. 90-93, Jan.-Feb. 2013, doi:10.1109/MSP.2013.19